Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Direct process access

a process and process technology, applied in the field of direct process access, can solve the problems of allowing malware or threats to go undetected, process and module list returned from the operating system using system calls may not be correct,

Inactive Publication Date: 2010-10-12
NORTONLIFELOCK INC
View PDF11 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

The DPA engine effectively detects and tracks changes in processes and modules, ensuring accurate notification information is provided to security programs, enhancing the ability to detect and remove hidden malware, thereby mitigating the stealth capabilities of rootkits and improving system security.

Problems solved by technology

Thus, using known prior art systems / methods, such as illustrated in FIG. 2, currently running process lists and run-time module lists can be compromised by a filter program, thereby potentially allowing malware or threats to go undetected.
Therefore, the process and module list returned from the operating system using system calls may not be correct.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Direct process access
  • Direct process access
  • Direct process access

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052]The following modes, given by way of example only, are described in order to provide a more precise understanding of the subject matter of a preferred embodiment or embodiments.

Processing System

[0053]A particular embodiment of the present invention can be implemented on a computer system, or more generally a processing system, an example of which is shown in FIG. 1. In particular, processing system 100 generally includes at least one processor 102, or processing unit or plurality of processors, memory 104, at least one input device 106 and at least one output device 108, coupled together via a bus or group of buses 110. In certain embodiments, input device 106 and output device 108 could be the same device. An interface 112 can also be provided for coupling processing system 100 to one or more peripheral devices, for example interface 112 could be a PCI card or PC card. At least one storage device 114 which houses at least one database 116 can also be provided. Memory 104 can ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A method, computer program product and system for obtaining notification information about the state of an operating system. The method includes the steps of receiving, by a Direct Process Access (DPA) engine, a request for the notification information from a requesting program. The notification information is obtained from a database associated with the DPA engine and the notification information is provided to the requesting program. The DPA engine receives update information indicative of changes in the notification information directly from the operating system and causes the notification information to be updated in the database.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS[0001]This application claims the benefit of priority from Provisional Application Ser. No. 60 / 835,417, filed Aug. 3, 2006 entitled Direct Process AccessTECHNICAL FIELD[0002]The present invention generally relates to the field of computing and malicious software or software threats, such as for example rootkits, and more particularly to a method, system, computer readable medium of instructions and / or computer program product for providing a form of direct access to an operating system so as to obtain a true process or module list.BACKGROUND ART[0003]As used herein a “threat” includes malicious software, also known as “malware” (a portmanteau word of “malicious software”) or “pestware”, which includes software that is included or inserted in a part of a processing system for a harmful purpose. The term threat should be read to include both possible, potential and actual threats. Types of malware can include, but are not limited to, malicious li...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(United States)
IPC IPC(8): G06F12/14
CPCG06F21/57
Inventor PARK, SEUNG BAE
Owner NORTONLIFELOCK INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products